Unspecified Vulnerability in Oracle E-Business Suite Affects Data Integrity
CVE-2016-3523

4.7MEDIUM

Key Information:

Vendor
Oracle
Status
Web Applications Desktop Integrator
Vendor
CVE Published:
21 July 2016

Summary

An unspecified vulnerability exists in the Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite, which could allow remote attackers to compromise data integrity. The flaw is linked to various vectors associated with Application Service, potentially leading to unauthorized access or manipulation of data across affected versions, including 12.1.3, 12.2.3, 12.2.4, and 12.2.5. Organizations utilizing these versions should assess their security measures to mitigate risks associated with this vulnerability.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/91911
vdb-entryx_refsource_BID
http://www.securityfocus.com/bid/91787
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.